package cn.likole.oj.utils;

import javax.servlet.http.HttpSession;
import java.util.ArrayList;
import java.util.List;

/**
 * Created by likole on 8/20/18.
 */
public class CsrfUtil {

    public static void add(HttpSession session, String csrf) {
        List<String> csrfs;
        if (session.getAttribute("csrfs") == null) {
            csrfs = new ArrayList<>();
        } else {
            csrfs = (List<String>) session.getAttribute("csrfs");
        }
        csrfs.add(csrf);
        session.setAttribute("csrfs", csrfs);
    }

    public static boolean check(HttpSession session, String csrf) {
        if (session.getAttribute("csrfs") == null) return false;
        List<String> csrfs = (List<String>) session.getAttribute("csrfs");
        return csrfs.contains(csrf);
    }
}
